rgrove-sanitize 1.0.7 → 1.0.8
Sign up to get free protection for your applications and to get access to all the features.
- data/HISTORY +6 -0
- data/README.rdoc +2 -1
- data/lib/sanitize.rb +1 -0
- metadata +1 -1
data/HISTORY
CHANGED
@@ -1,6 +1,12 @@
|
|
1
1
|
Sanitize History
|
2
2
|
================================================================================
|
3
3
|
|
4
|
+
Version 1.0.8 (2009-04-23)
|
5
|
+
* Added a workaround for an Hpricot bug that prevents attribute names from
|
6
|
+
being downcased in recent versions of Hpricot. This was exploitable to
|
7
|
+
prevent non-whitelisted protocols from being cleaned. [Reported by Ben
|
8
|
+
Wanicur]
|
9
|
+
|
4
10
|
Version 1.0.7 (2009-04-11)
|
5
11
|
* Requires Hpricot 0.8.1+, which is finally compatible with Ruby 1.9.1.
|
6
12
|
* Fixed a bug that caused named character entities containing digits (like
|
data/README.rdoc
CHANGED
@@ -15,7 +15,7 @@ or maliciously-formed HTML. When in doubt, Sanitize always errs on the side of
|
|
15
15
|
caution.
|
16
16
|
|
17
17
|
*Author*:: Ryan Grove (mailto:ryan@wonko.com)
|
18
|
-
*Version*:: 1.0.
|
18
|
+
*Version*:: 1.0.8 (2009-04-23)
|
19
19
|
*Copyright*:: Copyright (c) 2009 Ryan Grove. All rights reserved.
|
20
20
|
*License*:: MIT License (http://opensource.org/licenses/mit-license.php)
|
21
21
|
*Website*:: http://github.com/rgrove/sanitize
|
@@ -145,6 +145,7 @@ or ideas that later became code:
|
|
145
145
|
* Adam Hooper <adam@adamhooper.com>
|
146
146
|
* Mutwin Kraus <mutle@blogage.de>
|
147
147
|
* Dev Purkayastha <dev.purkayastha@gmail.com>
|
148
|
+
* Ben Wanicur <bwanicur@verticalresponse.com>
|
148
149
|
|
149
150
|
== License
|
150
151
|
|
data/lib/sanitize.rb
CHANGED